Hello,

I use nftables as my firewall and set up the nftables.conf today. My firewall rules are based on whitelisting. Everything is dropped from INPUT and FORWARD as long as there is no specific rule for it. For my libvirt network interface virbr1 there are also some rules. I enabled the nftables.service so my firewall gets set up on startup.

Now there is a problem. The libvirt network interfaces are not available this early in the boot process. The nftables.service fails because it can't find the virbr1.

UNIT settings for the nftables.service:

    Wants=network-pre.target
    Before=network-pre.target shutdown.target
    Conflicts=shutdown.target

What is a good way to fix this problem?